NULL pointer dereference in Samba

#VU18844 NULL pointer dereference in Samba

Published: 2019-06-19

Vulnerability identifier: #VU18844

Vulnerability risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-12435

CWE-ID: CWE-476

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the DNS management server (dnsserver) RPC pipe. A remote authenticated user can perform denial of service (DoS) attack against the AD DC server.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Samba: 4.10.0 - 4.10.4, 4.9.0 - 4.9.8

External links
http://www.samba.org/samba/security/CVE-2019-12435.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for samba

NULL pointer dereference in samba (Alpine package)

Multiple vulnerabilities in Samba

Ubuntu update for samba